
Update to develop

Raphael Schneeberger 7 years ago
parent
commit
c57a33250a

+ 1 - 8
bin/v-add-sys-sftp-jail

@@ -9,11 +9,8 @@
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 
-# Importing system environment  as we run this script
-# mostly by cron which do not read it by itself
-source /etc/profile
-
 # Includes
+source /etc/profile
 source $HESTIA/func/main.sh
 source $HESTIA/conf/hestia.conf
 
@@ -22,10 +19,6 @@ source $HESTIA/conf/hestia.conf
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-if [ -z "$SFTPJAIL_KEY" ]; then
-    exit
-fi
-
 
 #----------------------------------------------------------#
 #                       Action                             #
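Review bot: The reorder of `source /etc/profile` in the first hunk drops the comment that explained why the line exists (the script is mostly started by cron, which does not load the system environment). Without it the line looks redundant and is easy to delete in a later cleanup. Keep a one-line reason above it, for example `# cron does not read /etc/profile, so import the system environment here`. The `source $HESTIA/...` lines that follow presumably depend on that environment to define `HESTIA`, which is one more reason to keep the dependency documented.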

+ 1 - 3
bin/v-add-user

@@ -204,9 +204,7 @@ if [ -x "$HESTIA/data/packages/$package.sh" ]; then
 fi
 
 # Adding jailed sftp env
-if [ ! -z "$SFTPJAIL_KEY" ]; then
-    $BIN/v-add-user-sftp-jail $user
-fi
+$BIN/v-add-user-sftp-jail $user
 
 # Logging
 log_history "added system user $user" '' 'admin'
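Review bot: The exit status of `$BIN/v-add-user-sftp-jail $user` is ignored, so the `log_history` line below records a successful user creation even when the jail was not set up. With the `SFTPJAIL_KEY` guard removed, jailing is now the default path, and a silent failure leaves an account that is meant to be confined without its chroot. At minimum surface the failure, e.g. `$BIN/v-add-user-sftp-jail "$user" || echo "Warning: sftp jail was not created for $user" >&2`. The same unchecked call appears in bin/v-add-web-domain-ftp, and in bin/v-change-user-shell both output and status are discarded with `>/dev/null 2>&1`. The surrounding script continues outside this hunk.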

+ 6 - 3
bin/v-add-user-sftp-jail

@@ -23,14 +23,17 @@ source $HESTIA/conf/hestia.conf
 
 check_args '1' "$#" 'USER'
 is_format_valid 'user'
-if [ -z "$SFTPJAIL_KEY" ]; then
-    exit
-fi
 user_str=$(grep "^$user:" /etc/passwd |egrep "rssh|nologin")
 if [ -z "$user_str" ]; then
     exit
 fi
 
+# Do not create chroot for syslog user
+if [ $user = "syslog" ]; then
+    exit
+fi
+
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
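Review bot: The new test `[ $user = "syslog" ]` leaves `$user` unquoted; `is_format_valid 'user'` runs earlier and presumably constrains the value, but the test should not depend on that, so write `if [ "$user" = "syslog" ]; then`. The comment says what is skipped but not why, and the reason for exempting this one account is what a maintainer will need when the exception list grows. With the `SFTPJAIL_KEY` guard gone this script now runs for every account, and the bare `exit` in both early-return branches appears to return status 0, so callers cannot tell a skipped account from a jailed one.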

+ 1 - 3
bin/v-add-web-domain-ftp

@@ -92,9 +92,7 @@ echo "$ftp_user:$password" | /usr/sbin/chpasswd
 ftp_md5=$(awk -v user=$ftp_user -F : 'user == $1 {print $2}' /etc/shadow)
 
 # Adding jailed sftp env
-if [ ! -z "$SFTPJAIL_KEY" ]; then
-    $BIN/v-add-user-sftp-jail $ftp_user
-fi
+$BIN/v-add-user-sftp-jail $ftp_user
 
 
 #----------------------------------------------------------#

+ 4 - 6
bin/v-change-user-shell

@@ -40,12 +40,10 @@ shell_path=$(grep -w "$shell" /etc/shells | head -n1)
 shell=$(basename $shell_path)
 
 # Adding jailed sftp env
-if [ ! -z "$SFTPJAIL_KEY" ]; then
-    if [[ "$shell" =~ nologin ]] || [[ "$shell" =~ rssh ]]; then
-        $BIN/v-add-user-sftp-jail $user >/dev/null 2>&1
-    else
-        $BIN/v-delete-user-sftp-jail $user >/dev/null 2>&1
-    fi
+if [[ "$shell" =~ nologin ]] || [[ "$shell" =~ rssh ]]; then
+    $BIN/v-add-user-sftp-jail $user >/dev/null 2>&1
+else
+    $BIN/v-delete-user-sftp-jail $user >/dev/null 2>&1
 fi
 
 

+ 0 - 4
bin/v-delete-sys-sftp-jail

@@ -22,10 +22,6 @@ source $HESTIA/conf/hestia.conf
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-#if [ -z "$SFTPJAIL_KEY" ]; then
-#    exit
-#fi
-
 
 #----------------------------------------------------------#
 #                       Action                             #

+ 1 - 3
bin/v-delete-user

@@ -75,9 +75,7 @@ sed -i "/ $user$/d" $HESTIA/data/queue/disk.pipe
 sed -i "/ $user$/d" $HESTIA/data/queue/traffic.pipe
 
 # Deleting sftp jail
-if [ ! -z "$SFTPJAIL_KEY" ]; then
-    $BIN/v-delete-user-sftp-jail $user
-fi
+$BIN/v-delete-user-sftp-jail $user
 
 # Deleting system user
 /usr/sbin/userdel -f $user >> /dev/null 2>&1

+ 1 - 3
bin/v-delete-web-domain-ftp

@@ -57,9 +57,7 @@ if [ "$?" != 0 ]; then
 fi
 
 # Deleting sftp jail
-if [ ! -z "$SFTPJAIL_KEY" ]; then
-    $BINv-delete-user-sftp-jail $ftp_user
-fi
+$BINv-delete-user-sftp-jail $ftp_user
 
 
 #----------------------------------------------------------#
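Review bot: `$BINv-delete-user-sftp-jail $ftp_user` is missing the slash after `$BIN`, so the shell expands a variable named `BINv` (most likely unset) and tries to run `-delete-user-sftp-jail`, which fails. The typo is carried over from the removed block, but there it was reached only when `SFTPJAIL_KEY` was set. The new line runs on every FTP account deletion, so the jail for a deleted account is never cleaned up. It should read `$BIN/v-delete-user-sftp-jail "$ftp_user"`.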

+ 8 - 21
bin/v-list-sys-config

@@ -41,8 +41,6 @@ json_list() {
         "DISK_QUOTA": "'$DISK_QUOTA'",
         "FIREWALL_SYSTEM": "'$FIREWALL_SYSTEM'",
         "FIREWALL_EXTENSION": "'$FIREWALL_EXTENSION'",
-        "FILEMANAGER_KEY": "'$FILEMANAGER_KEY'",
-        "SFTPJAIL_KEY": "'$SFTPJAIL_KEY'",
         "REPOSITORY": "'$REPOSITORY'",
         "VERSION": "'$VERSION'",
         "LANGUAGE": "'$LANGUAGE'",
@@ -126,15 +124,6 @@ shell_list() {
     if [ ! -z "$DISK_QUOTA" ]; then
         echo "Disk Quota:     $DISK_QUOTA"
     fi
-    if [ ! -z "$FILEMANAGER_KEY" ]; then
-        echo "FileManager:    $FILEMANAGER_KEY"
-    fi
-    if [ ! -z "$SFTPJAIL_KEY" ]; then
-        echo "SFTP Chroot:    $SFTPJAIL_KEY"
-    fi
-    if [ ! -z "$SOFTACULOUS" ]; then
-        echo "Softaculous:    $SOFTACULOUS"
-    fi
     if [ ! -z "$LANGUAGE" ] && [ "$LANGUAGE" != 'en' ]; then
         echo "Language:       $LANGUAGE"
     fi
@@ -149,9 +138,8 @@ plain_list() {
     echo -ne "$ANTIVIRUS_SYSTEM\t$ANTISPAM_SYSTEM\t$DB_SYSTEM\t"
     echo -ne "$DNS_SYSTEM\t$DNS_CLUSTER\t$STATS_SYSTEM\t$BACKUP_SYSTEM\t"
     echo -ne "$CRON_SYSTEM\t$DISK_QUOTA\t$FIREWALL_SYSTEM\t"
-    echo -ne "$FIREWALL_EXTENSION\t$FILEMANAGER_KEY\t$SFTPJAIL_KEY\t"
-    echo -ne "$REPOSITORY\t$VERSION\t$LANGUAGE\t$BACKUP_GZIP\t$BACKUP\t"
-    echo -e "$MAIL_URL\t$DB_PMA_URL\t$DB_PGA_URL"
+    echo -ne "$FIREWALL_EXTENSION\t$REPOSITORY\t$VERSION\t$LANGUAGE\t"
+    echo -e "$BACKUP_GZIP\t$BACKUP\t$MAIL_URL\t$DB_PMA_URL\t$DB_PGA_URL"
 }
 
 
@@ -163,19 +151,18 @@ csv_list() {
     echo -n "'ANTIVIRUS_SYSTEM','ANTISPAM_SYSTEM','DB_SYSTEM',"
     echo -n "'DNS_SYSTEM','DNS_CLUSTER','STATS_SYSTEM','BACKUP_SYSTEM',"
     echo -n "'CRON_SYSTEM','DISK_QUOTA','FIREWALL_SYSTEM',"
-    echo -n "'FIREWALL_EXTENSION','FILEMANAGER_KEY','SFTPJAIL_KEY',"
-    echo -n "'REPOSITORY','VERSION','LANGUAGE','BACKUP_GZIP','BACKUP',"
-    echo -n "'MAIL_URL','DB_PMA_URL','DB_PGA_URL'"
+    echo -n "'FIREWALL_EXTENSION','REPOSITORY',"
+    echo -n "'VERSION','LANGUAGE','BACKUP_GZIP','BACKUP','MAIL_URL',"
+    echo -n "'DB_PMA_URL','DB_PGA_URL'"
     echo
     echo -n "'$WEB_SYSTEM','$WEB_RGROUPS','$WEB_PORT','$WEB_SSL',"
     echo -n "'$WEB_SSL_PORT','$WEB_BACKEND','$PROXY_SYSTEM','$PROXY_PORT',"
     echo -n "'$PROXY_SSL_PORT','$FTP_SYSTEM','$MAIL_SYSTEM','$IMAP_SYSTEM',"
     echo -n "'$ANTIVIRUS_SYSTEM','$ANTISPAM_SYSTEM','$DB_SYSTEM',"
     echo -n "'$DNS_SYSTEM','$DNS_CLUSTER','$STATS_SYSTEM','$BACKUP_SYSTEM',"
-    echo -n "'$CRON_SYSTEM','$DISK_QUOTA','$FIREWALL_SYSTEM',"
-    echo -n "'$FIREWALL_EXTENSION','$FILEMANAGER_KEY','$SFTPJAIL_KEY',"
-    echo -n "'$REPOSITORY','$VERSION','$LANGUAGE','$BACKUP_GZIP','$BACKUP',"
-    echo -n "'$MAIL_URL','$DB_PMA_URL','$DB_PGA_URL', '$SOFTACULOUS'"
+    echo -n "'$CRON_SYSTEM','$DISK_QUOTA','$FIREWALL_SYSTEM','$REPOSITORY',"
+    echo -n "'$FIREWALL_EXTENSION','$VERSION','$LANGUAGE','$BACKUP_GZIP',"
+    echo -n "'$BACKUP','$MAIL_URL','$DB_PMA_URL','$DB_PGA_URL'"
     echo
 }
 
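Review bot: In `csv_list` the header row and the value row no longer line up. The header prints `'FIREWALL_SYSTEM',` followed by `'FIREWALL_EXTENSION','REPOSITORY',`, while the value row prints `'$FIREWALL_SYSTEM','$REPOSITORY',` followed by `'$FIREWALL_EXTENSION','$VERSION',`. Anything parsing the CSV will read the repository under FIREWALL_EXTENSION and the firewall extension under REPOSITORY. Swap the two values so the rows read `'$CRON_SYSTEM','$DISK_QUOTA','$FIREWALL_SYSTEM','$FIREWALL_EXTENSION',` and `'$REPOSITORY','$VERSION','$LANGUAGE','$BACKUP_GZIP',`. `plain_list` keeps the header order, so only `csv_list` is affected.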

+ 4 - 0
install/hst-install-debian.sh

@@ -1608,6 +1608,10 @@ check_result $? "can't create admin user"
 $HESTIA/bin/v-change-user-shell admin nologin
 $HESTIA/bin/v-change-user-language admin $lang
 
+# Enable sftp jail
+$HESTIA/bin/v-add-sys-sftp-jail > /dev/null 2>&1
+check_result $? "can't enable sftp jail"
+
 # Roundcube permissions fix
 if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
     if [ ! -d "/var/log/roundcube" ]; then
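Review bot: The jail is enabled here after the admin account has been created and switched to `nologin`, whereas the Ubuntu installer in this commit runs `v-add-sys-sftp-jail` before `v-add-user admin`. Because `v-add-user` and `v-change-user-shell` now call `v-add-user-sftp-jail` unconditionally, on Debian the per-user step runs before the system-wide one. If the per-user script relies on anything the system script sets up, the two installers end in different states, so the order should be the same in both. Both installers also send stderr to `/dev/null`, which leaves `can't enable sftp jail` as the only diagnostic when the step fails.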

+ 4 - 0
install/hst-install-ubuntu.sh

@@ -1546,6 +1546,10 @@ if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then
     groupdel admin > /dev/null 2>&1
 fi
 
+# Enable sftp jail
+$HESTIA/bin/v-add-sys-sftp-jail > /dev/null 2>&1
+check_result $? "can't enable sftp jail"
+
 # Adding Hestia admin account
 $HESTIA/bin/v-add-user admin $vpass $email default System Administrator
 check_result $? "can't create admin user"

+ 21 - 21
install/hst-install.sh

@@ -6,7 +6,7 @@
 # Currently Supported Operating Systems:
 #
 #   Debian 8, 9
-#   Ubuntu 14.04, 16.04, 18.04
+#   Ubuntu 16.04, 18.04
 #
 
 # Am I root?
@@ -42,14 +42,26 @@ case $(head -n1 /etc/issue | cut -f 1 -d ' ') in
     *)          type="NoSupport" ;;
 esac
 
-no_support_message() {
-    echo "Your OS is currently not supported, please consider to use:"
-    echo "  Debian:  8, 9"
-    echo "  Ubuntu:  16.04, 18.04"
+# Detect release for Debian
+if [ "$type" = "debian" ]; then
+    release=$(cat /etc/debian_version|grep -o [0-9]|head -n1)
+    VERSION='debian'
+elif [ "$type" = "ubuntu" ]; then
+    release="$(lsb_release -s -r)"
+    VERSION='ubuntu'
+fi
+
+no_support_message(){
+    echo "****************************************************"
+    echo "Your operating system (OS) is not supported by"
+    echo "Hestia Control Panel. Officially supported releases:"
+    echo "****************************************************"
+    echo "  Debian 8, 9"
+    echo "  Ubuntu 16.04 LTS, 18.04 LTS"
+    echo ""
     exit 1;
 }
 
-# Check if OS is supported
 if [ "$type" = "NoSupport" ]; then
     no_support_message
 fi
@@ -80,24 +92,12 @@ check_wget_curl(){
     fi
 }
 
-
-# Detect codename for debian
-if [ "$type" = "debian" ]; then
-    release=$(cat /etc/debian_version|grep -o [0-9]|head -n1)
-    VERSION='debian'
-fi
-
-# Detect codename for ubuntu
-if [ "$type" = "ubuntu" ]; then
-    release="$(lsb_release -s -r)"
-    VERSION='ubuntu'
-fi
-
-# Check Ubuntu Version Are Acceptable to install
+# Check for supported operating system before proceeding with download
+# of OS-specific installer, and throw error message if unsupported OS detected.
 if [[ "$release" =~ ^(8|9|16.04|18.04)$ ]]; then
     check_wget_curl
 else
     no_support_message
 fi
 
-exit
+exit
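Review bot: In the relocated detection block, `grep -o [0-9]` passes an unquoted bracket pattern, so a single-digit filename in the directory the installer is started from would be substituted by the shell before grep sees it and the release check would then reject a supported system. Quote the pattern and drop the extra `cat`: `release=$(grep -o '[0-9]' /etc/debian_version | head -n1)`. The check in the last hunk, `^(8|9|16.04|18.04)$`, is unchanged context, but its dots are unescaped and it is not tied to `$type`. Since the comment above it was rewritten, it would be a good moment to make it `^(8|9|16\.04|18\.04)$`.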

+ 3 - 1
install/upgrade/0.9.8-29.sh

@@ -14,7 +14,6 @@ source /usr/local/hestia/func/main.sh
 mkdir -p $HESTIA_BACKUP/templates/
 mkdir -p $HESTIA_BACKUP/packages/
 
-
 echo "(*) Upgrading to Hestia Control Panel v$VERSION..."
 
 # Generating dhparam.
@@ -178,3 +177,6 @@ done
 echo "(*) Setting awstats as default web statistics backend..."
 apt purge webalizer -y > /dev/null 2>&1
 sed -i "s/STATS_SYSTEM='webalizer,awstats'/STATS_SYSTEM='awstats'/g" $HESTIA/conf/hestia.conf
+
+# Run sftp jail once
+$HESTIA/bin/v-add-sys-sftp-jail
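Review bot: The added `$HESTIA/bin/v-add-sys-sftp-jail` call has neither a progress line nor a status check. The other steps in this script announce themselves with `echo "(*) ..."`, and the installers follow the same call with `check_result $? "can't enable sftp jail"`. On upgrade this turns SFTP jailing on for an existing system, so the operator should see that it happened and whether it worked. Consider `echo "(*) Enabling sftp jail..."` before the call and `$HESTIA/bin/v-add-sys-sftp-jail || echo "(!) sftp jail could not be enabled" >&2` for the call itself.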

+ 1 - 1
src/hst_autocompile.sh

@@ -6,7 +6,7 @@ INSTALL_DIR='/usr/local/hestia'
 
 # Set Version for compiling
 HESTIA_V='0.9.8-29_amd64'
-NGINX_V='1.15.10'
+NGINX_V='1.15.11'
 OPENSSL_V='1.1.1b'
 PCRE_V='8.42'
 ZLIB_V='1.2.11'

+ 0 - 33
web/download/file/index.php

@@ -1,33 +0,0 @@
-<?php
-include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
-
-if ((!isset($_SESSION['FILEMANAGER_KEY'])) || (empty($_SESSION['FILEMANAGER_KEY']))) {
-    header("Location: /login/");
-    exit;
-}
-
-$user = $_SESSION['user'];
-if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
-    $user = $_SESSION['look'];
-}
-
-$path = $_REQUEST['path'];
-if (!empty($path)) {
-    set_time_limit(0);
-	if (ob_get_level()) {
-	  ob_end_clean();
-	}	
-    header("Content-type: application/octet-stream");
-    header("Content-Transfer-Encoding: binary");
-    header("Content-disposition: attachment;filename=".basename($path));
-	$output = '';
-	exec(HESTIA_CMD . "v-check-fs-permission " . $user . " " . escapeshellarg($path), $output, $return_var);
-	if ($return_var != 0) {
-	  print 'Error while opening file'; // todo: handle this more styled
-	  exit;
-	}
-	readfile($path);
-    exit;
-} else {
-    die('File not found');
-}

+ 0 - 43
web/view/file/index.php

@@ -1,43 +0,0 @@
-<?php 
-
-include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
-
-if ((!isset($_SESSION['FILEMANAGER_KEY'])) || (empty($_SESSION['FILEMANAGER_KEY']))) {
-    header("Location: /login/");
-    exit;
-}
-
-$user = $_SESSION['user'];
-if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
-    $user=$_SESSION['look'];
-}
-
-if (!empty($_REQUEST['path'])) {
-    $path = htmlspecialchars($_REQUEST['path'], ENT_QUOTES, 'UTF-8');
-    if (!empty($_REQUEST['raw'])) {
-        header('content-type: image/jpeg');
-        passthru (HESTIA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg($path));
-        exit;
-    }
-}
-else {
-    die('File not found');
-}
-
-?>
-<!DOCTYPE html>
-<html>
-    <head>
-        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-        <title>fotorama</title>
-    <script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
-    <link href="//cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.2/fotorama.css" rel="stylesheet">
-    <script src="//cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.2/fotorama.js"></script>
-    </head>
-    <body>
-        <div style="background-color: #eee; /*display: inline-block; vertical-align: middle;*/ height: 100%; text-align: center; /*position: absolute; /*top: 50%; left: 50%; margin-top: -50px; margin-left: -50px;  /*data-maxheight="100%" data-maxwidth="100%" */"
-    class="fotoram" data-fit="scaledown" data-allowfullscreen="true" data-nav="false">
-         <img src="/view/file/?path=<?=$path?>&raw=true" style="background: #3A6F9A; vertical-align: middle;  /*max-height: 25px; max-width: 160px;*/" />
-        </div>
-    </body>
-</html>